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DETAILED ACTION 



Claim Rejections - 35 USC §112 



1 . The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

2. Claims 7 and 19 recites the limitation "the at least one first port identifier" in line 
4. There is insufficient antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 



4. Claims 1-5, 8-17, and 20 rejected under 35 U.S.C. 102(e) as being preceded by 
Devine et al., US Patent No. 6606708 (hereafter referred to as 708). 

5. As to claims 1 and 13: 

708 teaches a system for protecting an information resource comprising: 
A server / Web servers (Fig. 1 , Element 24, 708) 

First set of ports / Each HTTP request is a separate TCP/IP connection (Col. 20, Line 
55, 708), Port connectivity is inherent to the TCP/IP protocol suite 
Second set of ports / Through firewall 29b over a TCP/IP connection (Col. 9, Line 1 , 
708), Port connectivity is inherent to the TCP/IP protocol suite 



states. 
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First firewall / (Fig. 5, Element 29a, 708) 

Second firewall / (Fig. 5, Element 29b, 708), double firewall system (Col. 22, Line 18, 
780) 

6. As to claim 2: 

First firewall having different port identifiers than the inter ports / Firewalls connect with 
a designated port address. Router/firewall 29a may only connect to addresses set for 
web servers within the DMZ, and router/firewall 29b may only connect to the port 
addresses set for the dispatch server... application servers (Col. 22, Line 25 et seq., 
780). The standard port for HTTP over the Internet is port 80 for users to connect to 
the web server, while the back end connection to the OEServer port is specified in a 
later request. 

7. As to claims 3 and 15: 

First firewall blocks incoming transmission data when port does not coincide with 
reference port identifier / only connect with a designated port address, such as 
HydraWeb (Col. 22, Line 25 et seq., 780) 

8. As to claims 4 and 16: 

Interconnection supporting HTTP / Each HTTP request is a separate TCP/IP connection 
(Col. 20, Line 55, 708), 



T 
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Interconnection dedicated to encrypted HTTP / with a secure sockets SSL version of 
HTTPS 

Interconnection for monitoring a server / Monitors all aspects of web server health (Col 
23, Line 32. 708) 

Interconnection for monitoring operations and maintenance of the internal resource / 
Monitors all aspects of web server health (Col 23, Line 32, 708) 

9. As to claims 5 and 17: 

The second firewall interconnection is only established for a limited duration, as needed 
basis / It is inherent to TCP/IP that the packets of limited size be transmitted when 
functionally necessary 

10. As to claims 8 and 20: 

Second firewall blocks a message when external users attempt to use a first port 
identifier to penetrate the second firewall / Port specific filtering routers only connect 
with a designated port address (Col 22, Line 26, 708). 

11. As to claim 9: 

Lack of interconnection represents a state of blocked communication / It is inherent to 
TCP that without an open dataflow connection, no data will travel through the firewall 



12. As to claim 10: 
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Number of interconnections represents zero for a high security mode / It is a capability 
of all proxy firewall configurations to block all communications. 

13. As to claim 11 and 14: 

The nonnegative integer number of interconnections is equal to the at least one 
interconnection during normal security mode / After a user connection with a web 
server, the server forwards the message on a new TCP socket (Col 8, Line 65 et seq., 
708) 

14. As to claim 12: 

External network comprises the Internet / Internet (Fig 1, Element 15, 708) 

15. Claims 21-29 rejected under 35 U.S.C. 102(b) as being preceded by CERT 
Advisory CA-1 996-21 (hereafter referred to as CERT). 

16. As to claim 21-23: 

Preparing a data message / Network Packet (Page 2, Paragraph 7, CERT) 
First/Second port identifier / Source/Destination Address (Page 2, Paragraph 7, CERT) 
Determining if the first port ID matches a reference ID... handling/block/pass data 
message / Filter outgoing packets that have a source address different from your 
internal network (Page 4, Paragraph 1, CERT). 
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17. As to claims 24-26: 

Deciding if the second port ID matches a reference ID of the second firewall, 
processing/block/pass the data message / Upon receipt of a packet containing a 
destination address different from that of the server IP, the router/firewall of CERT 
would not allow the packet to further propagate. 

18. As to claims 27-29: 

Deciding if the sent source address matches a reference source address of the second 
firewall, process/block/pass the data message / restrict the input to the external 
interface by not allowing a packet through if it has a source address from your internal 
network (Page 4, Paragraph 1, CERT). 



19. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

20. Claims 6 and 18 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Lucent Managed Firewall Version 2.0 (hereafter referred to as LMF). 

As to claims 6 and 18: 

21 . 708 teaches a system for protecting an information resource using multiple 



Claim Rejections - 35 USC § 103 



firewalls. 708 does not teach for the server to remotely configure the firewalls. LMF 
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teaches a multi-firewall system for protecting an information resource using Security 
Management Server software (Page 1 , Paragraph 6, LMF) to manage and configure the 
software based firewalls (Page 2, Paragraph 4, LMF). It would have been obvious to a 
person of ordinary skill in the art at the time of invention to incorporate the software 
firewall configuration utility onto the invention of 708. One of ordinary skill in the art 
would have been motivated to incorporate the software firewall configuration utility onto 
the invention of 708 because the software firewall configuration utility provides means 
to more easily and quickly configure firewalls from a remote location. 



22. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jonathan R Adams whose telephone number is (703) 
305-8894. The examiner can normally be reached on Monday - Friday from 10am to 
6pm. 

23. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached on (703) 308-4789. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 
Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-3900. 



Conclusion 
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